hands-on lab

Managing Access in Azure Using Privileged Identity Management

Difficulty: Beginner

Duration: Up to 1 hour and 15 minutes

Students: 1,259

Rating: 4.1/5

Microsoft has currently disabled new registrations for the MS 365 Dev program. For the time being, please treat the lab as read-only or bring your own MS 365 account. Our team is currently working on an update, thank you for your understanding.

Start lab

Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.

Learn and validateUse validations to check your solutions every step of the way.

See resultsTrack your knowledge and monitor your progress.

Description

Azure AD Privileged Identity Management (PIM) lets admins manage and monitor the access in Azure, either to Azure AD roles or Azure resources. PIM gives just-in-time access to Azure AD roles and Azure resources that is also time-bound and approval based, which helps to mitigate risks of malicious actors gaining privileged access to Azure items and potentially causing harm to the organization. This also helps to mitigate the risk of excessive and unnecessary access permissions to resources.

In this lab, you will assign a privileged role to a user and activate that role using PIM.

Note:

Due to this lab requiring the creation of a Microsoft 365 organization with an Admin Center, if you don't already have one you will need to provide a mobile phone number to pass the account creation process.
This lab requires signing in with a test user account. You may have to deal with additional security prompts by Azure AD. In which case, you may wish to skip these requests or disable the underlying feature for learning purposes. Cloud Academy does not endorse or recommend disabling any security measure in a production environment.